FEDORA-EPEL-2025-7b4e3ab4cf
Packages in this update:
uriparser-0.9.8-2.el10_1
Update description:
Update to uriparser-0.9.8.
uriparser-0.9.8-2.el10_1
Update to uriparser-0.9.8.
uriparser-0.9.8-2.el9
Update to uriparser-0.9.8.
qgis-3.42.1-2.fc42
Fix CVE-2024-55565.
Update to 3.42.1.
Update to qgis-3.42.0
qgis-3.40.5-2.fc41
Fix CVE-2024-55565.
Update to 3.40.5.
Update to 3.40.4.
mingw-libxslt-1.1.43-1.fc42
Update to 1.1.43, fixes CVE-2024-55549 and CVE-2025-24855.
mingw-libxslt-1.1.43-1.fc40
Update to 1.1.43, fixes CVE-2024-55549 and CVE-2025-24855.
mingw-libxslt-1.1.43-1.fc41
Update to 1.1.43, fixes CVE-2024-55549 and CVE-2025-24855.
Ivan Fratric discovered two use-after-free vulnerabilities in libxslt,
an XSLT processing runtime library, which may result in the execution of
arbitrary code if a specially crafted files are processed.
The following vulnerabilities have been discovered in the WebKitGTK
web engine:
CVE-2024-44192
Tashita Software Security discovered that processing maliciously
crafted web content may lead to an unexpected process crash.
CVE-2024-54467
Narendra Bhati discovered that a malicious website may exfiltrate
data cross-origin.
CVE-2025-24201
Apple discovered that maliciously crafted web content may be able
to break out of Web Content sandbox.
A cross-site scripting vulnerability was discovered in hgweb, the
integrated stand-alone web interface of the Mercurial version control
system.